//package com.catvgd.springbootdemo.config.shiro;
//
//import java.util.LinkedHashMap;
//import java.util.Map;
//
//import org.apache.shiro.spring.LifecycleBeanPostProcessor;
//import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
//import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
//import org.apache.shiro.cache.CacheManager;
//import org.apache.shiro.mgt.RememberMeManager;
//import org.apache.shiro.mgt.SecurityManager;
//import org.apache.shiro.session.mgt.SessionManager;
//import org.apache.shiro.session.mgt.eis.SessionDAO;
//import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
//import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
//import org.slf4j.Logger;
//import org.slf4j.LoggerFactory;
//import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.context.annotation.DependsOn;
//
//import com.catvgd.springbootdemo.common.shiro.RedisSessionDao;
//import com.catvgd.springbootdemo.common.shiro.MyShiroRealm;
//
//@Configuration
//public class ShiroConfig {
//
//    private static final Logger logger = LoggerFactory.getLogger(ShiroConfig.class);
//
//    @Bean
//    public MyShiroRealm userRealm() {
//        return new MyShiroRealm();
//    }
//
//    @Bean
//    public SessionDAO redisSessionDao() {
//        return new RedisSessionDao();
//    }
//
//    @Bean
//    public SessionManager sessionManager(CacheManager cacheManager, SessionDAO sessionDao) {
//        DefaultWebSessionManager manager = new DefaultWebSessionManager();
//        manager.setCacheManager(cacheManager);// 加入缓存管理器
//        manager.setSessionDAO(sessionDao);// 设置SessionDao
//        manager.setDeleteInvalidSessions(true);// 删除过期的session
//        manager.setGlobalSessionTimeout(120000);// 设置全局session超时时间
//        manager.setSessionValidationSchedulerEnabled(true);// 是否定时检查session
//        return manager;
//    }
//
//    @Bean
//    public SecurityManager securityManager(MyShiroRealm userRealm, CacheManager cacheManager, SessionManager sessionManager,
//            RememberMeManager rememberMeManager) {
//        logger.info("注入Shiro的Web过滤器-->securityManager", ShiroFilterFactoryBean.class);
//        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//        securityManager.setRealm(userRealm);
//        // 注入缓存管理器;
//        securityManager.setCacheManager(cacheManager);// 这个如果执行多次，也是同样的一个对象;
//        // session管理器
//        securityManager.setSessionManager(sessionManager);
//        // 注入记住我管理器;
//        securityManager.setRememberMeManager(rememberMeManager);
//        return securityManager;
//    }
//
//    @Bean
//    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
//        return new LifecycleBeanPostProcessor();
//    }
//
//    @Bean
//    @DependsOn({ "lifecycleBeanPostProcessor" })
//    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {
//        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
//        advisorAutoProxyCreator.setProxyTargetClass(true);
//        return advisorAutoProxyCreator;
//    }
//
//    @Bean
//    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
//        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
//        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
//        return authorizationAttributeSourceAdvisor;
//    }
//
//    @Bean
//    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
//        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
//
//        // 必须设置 SecurityManager
//        shiroFilterFactoryBean.setSecurityManager(securityManager);
//
//        // 如果不设置默认会自动寻找Web工程根目录下的"/login.jsp"页面
//        shiroFilterFactoryBean.setLoginUrl("/login");
//        // 登录成功后要跳转的链接
//        shiroFilterFactoryBean.setSuccessUrl("/index");
//        // 未授权界面;
//        shiroFilterFactoryBean.setUnauthorizedUrl("/403");
//
//        // 拦截器.
//        Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
//        // 配置不会被拦截的链接 顺序判断
//        filterChainDefinitionMap.put("/static/**", "anon");
//        filterChainDefinitionMap.put("/ajaxLogin", "anon");
//
//        // 配置退出过滤器,其中的具体的退出代码Shiro已经替我们实现了
//        filterChainDefinitionMap.put("/logout", "logout");
//
//        filterChainDefinitionMap.put("/add", "perms[权限添加]");
//
//        // <!-- 过滤链定义，从上向下顺序执行，一般将 /**放在最为下边 -->:这是一个坑呢，一不小心代码就不好使了;
//        // <!-- authc:所有url都必须认证通过才可以访问; anon:所有url都都可以匿名访问-->
//        filterChainDefinitionMap.put("/**", "authc");
//
//        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
//        System.out.println("Shiro拦截器工厂类注入成功");
//        return shiroFilterFactoryBean;
//    }
//
//}
